package com.cetc.nsfx.security.shiro;

import com.cetc.nsfx.security.vo.UserContext;
import com.cetc.nsfx.service.sys.UserService;

import com.cetc.nsfx.util.EncryptUtils;
import org.apache.ibatis.logging.Log;
import org.apache.ibatis.logging.LogFactory;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import java.util.HashSet;
import java.util.Map;
import java.util.Set;

@Service("monitorRealm")
public class MonitorRealm extends AuthorizingRealm {
	/*
	 *
	 * 
	 * @Autowired RoleService roleService;
	 * 
	 * @Autowired LoginLogService loginLogService;
	 */

	public static final Log logger = LogFactory.getLog(MonitorRealm.class.getName());


	@Autowired
	UserService userService;

	public MonitorRealm() {
		super();

	}

	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(
			PrincipalCollection principals) {

		Map<String,Object> user = userService.getUserByUserId(getName());
		//基于Permission的权限信息
		if (user != null) {
			/* 这里编写授权代码 */
			Set<String> roleNames = new HashSet<String>();
			Set<String> permissions = new HashSet<String>();
			roleNames.add(getName());
			permissions.add("user.do?myjsp");
			permissions.add("login.do?main");
			permissions.add("login.do?logout");
			SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(roleNames);
			info.setStringPermissions(permissions);
			/*SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
			for (Role role : user.getRoles()) {
				for(Permission permission: role.getPermisssions()){
					info.addStringPermission(permission.getValue());
				}
			}*/
			return info;
		} else {
			return null;
		}



	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken authcToken) throws AuthenticationException {
		/* 这里编写认证代码 */
		UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
		Map<String,Object> user = userService.getUserByUserId(token.getUsername());

		if (user != null) {
			String plainPassword =String.valueOf(token.getPassword());
			String p1 = EncryptUtils.encryptMD5(plainPassword);

			String p2=(String)user.get(UserContext.USER_PASSWORD);

			if(!p1.equals(p2))
				throw new AuthenticationException("密码错误");

			UserContext userContext=new UserContext();


			userContext.setUserId((String)user.get(UserContext.USER_ID));
			userContext.setUsername("");
			//	userContext.setRoles(user.getRoleList());
			userContext.setHostAddress(token.getHost());
			userContext.setUser(user);
			return new SimpleAuthenticationInfo(userContext,plainPassword.toCharArray(), getName());
		}else{
			throw new AuthenticationException("用户不存在");
		}


	}

	public void clearCachedAuthorizationInfo(String principal) {
		SimplePrincipalCollection principals = new SimplePrincipalCollection(
				principal, getName());
		clearCachedAuthorizationInfo(principals);
	}

}
